View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005737 | Composr | core | public | 2024-04-26 02:29 | 2024-04-26 16:27 |
| Reporter | Patrick Schmalstig | Assigned To | Patrick Schmalstig | ||
| Severity | Security-hole | ||||
| Status | resolved | Resolution | fixed | ||
| Product Version | 11.alpha2 | ||||
| Fixed in Version | |||||
| Summary | 0005737: DOS loop attack vulnerability in sources/http.php | ||||
| Description | The file sources/http.php had a DOS loop attack prevention mechanism that was ineffective, leaving the HttpDownloader vulnerable to DOS loop attacks. The mechanism was to set the internal ua to Composr-recurse so that if the user agent ever came back as such, HttpDownloader would exit. However, Composr-recurse was being set on an unused local variable instead of the class' actual user agent (ua) variable. This made the prevention ineffective. The git commit commented below contains a hotfix. | ||||
| Tags | No tags attached. | ||||
| Time estimation (hours) | |||||
| Sponsorship open | |||||

Fixed in git commit https://gitlab.com/composr-foundation/composr/-/commit/4a5223f827098ec126701fa900c8e5ce4669e4da

This issue does NOT affect v10.

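
The failure reported in the description, as an added PHP illustration that is not Composr's code and not taken from the linked commit. The class names, the default user agent, the depth cap and the in-process simulation of a self-request are all assumptions; only the `Composr-recurse` marker comes from the issue text.

```php
<?php
// Added illustration with hypothetical classes; this is not sources/http.php.
const RECURSE_UA = 'Composr-recurse'; // marker named in the issue description

abstract class DemoDownloader
{
    public $ua = 'DemoAgent/1.0'; // constructed default user agent
    public static $requests = 0;  // number of simulated outgoing requests

    abstract protected function markOutgoing(); // tags the outgoing request

    // $incomingUa is the User-Agent of the request currently being served.
    public function run($incomingUa, $depth = 0)
    {
        if ($incomingUa === RECURSE_UA) {
            return 'refused'; // guard: the caller is another downloader run
        }
        if ($depth >= 25) {
            return 'loop';    // simulation cap so the demonstration terminates
        }
        $this->markOutgoing();
        self::$requests++;
        // Simulated self-request: the fetched page starts a downloader again
        // and sees whatever User-Agent this instance actually sent.
        return (new static())->run($this->ua, $depth + 1);
    }
}

class BrokenDownloader extends DemoDownloader
{
    protected function markOutgoing()
    {
        $ua = RECURSE_UA; // bug: local variable, discarded; $this->ua is unchanged
    }
}

class FixedDownloader extends DemoDownloader
{
    protected function markOutgoing()
    {
        $this->ua = RECURSE_UA; // sets the property that is actually sent
    }
}

foreach (['BrokenDownloader', 'FixedDownloader'] as $class) {
    DemoDownloader::$requests = 0;
    $result = (new $class())->run('Mozilla/5.0');
    echo $class, ': ', $result, ' after ', DemoDownloader::$requests, " request(s)\n";
}
```

A regression test for this class of bug should assert on the header value that leaves the process, not on the code path that was meant to set it.
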
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-04-26 02:29 | Patrick Schmalstig | New Issue | |
| 2024-04-26 02:29 | Patrick Schmalstig | Status | non-assigned => assigned |
| 2024-04-26 02:29 | Patrick Schmalstig | Assigned To | => Patrick Schmalstig |
| 2024-04-26 02:30 | Patrick Schmalstig | Note Added: 0008688 | |
| 2024-04-26 02:30 | Patrick Schmalstig | Status | assigned => resolved |
| 2024-04-26 02:30 | Patrick Schmalstig | Resolution | open => fixed |
| 2024-04-26 02:43 | Patrick Schmalstig | Note Added: 0008689 | |